RaccoonStealer botnet controller @104.21.17.146

The host at this IP address is running a malware botnet controller which is being used to control infected computers (bots) around the globe using a trojan horse.

RaccoonStealer botnet controller located at 104.21.17.146 on port 80 (using HTTP GET):
hXXp://teletop.top/stevuitreen

$ dig +short teletop.top
104.21.17.146

Referencing malware binaries (MD5 hash):
0bea974fca09703496dcca41ce759790 — AV detection: 45 / 68 (66.18)
13592ce3f7f5f21e127824988baedd53 — AV detection: 38 / 67 (56.72)
259edea310cf3042aa8b4d7526ecfce1 — AV detection: 25 / 68 (36.76)
32df2eb9a83b1a97096aa403b6e5ce3f — AV detection: 41 / 63 (65.08)
4d0f90fb39427a8bf7072403f5e0d746 — AV detection: 27 / 65 (41.54)
56b337898d860b796872da2b0fd7478e — AV detection: 25 / 68 (36.76)
592f5a61b88aac8806c68d3cad7a60e0 — AV detection: 23 / 68 (33.82)
5abf967f514466318c8786cd77a4e280 — AV detection: 39 / 69 (56.52)
5c5ccd27d385777e3e624e9eeb0958e5 — AV detection: 34 / 71 (47.89)
84d0bd6db46de122e0c965781e38183e — AV detection: 32 / 68 (47.06)
8782399ad603d45c335d950e6f5b21e8 — AV detection: 20 / 67 (29.85)
8961a5db23529a8bfdc665d435327549 — AV detection: 43 / 68 (63.24)
8e0d32c0195d67c5b2df608595e25992 — AV detection: 39 / 67 (58.21)
a1a2a0b423349f463d23969864a111c0 — AV detection: 48 / 69 (69.57)
a48f52a04c506bc0fad43183584856c2 — AV detection: 20 / 67 (29.85)
a9ad2c5948af7770c665d6e87b668090 — AV detection: 42 / 65 (64.62)
ab444e67d59822e2db238c4eb8e99d04 — AV detection: 32 / 61 (52.46)
c792a79219ef722a7b0f45b0c59beea8 — AV detection: 23 / 67 (34.33)
d46b9640171929979ce9e6b061fecfef — AV detection: 50 / 68 (73.53)
daabb579fc48612e8c836cb82d3aa2b0 — AV detection: 26 / 67 (38.81)
f84f451322cbeeb91cb8fcacf97a8c6c — AV detection: 21 / 67 (31.34)

Other malicious domain names hosted on this IP address:
jlee360.com 104.21.17.146
teletop.top 104.21.17.146

Добавить комментарий

Ваш адрес email не будет опубликован.